JP3505058B2 - Network system security management method - Google Patents

Description

Detailed Description of the Invention

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a security management method for a network system having a client and a server, and more particularly to a network that performs unified management of users and provides users with a single sign-on function. It relates to a system security management method.

[0002]

2. Description of the Related Art With the spread of the Internet, the market trend regarding security management has changed remarkably.
Particularly, when a wide area network system such as the Internet and an in-house network system are combined, a user authentication function for integrating both networks and a function for controlling access to resources in the network system are required. In other words, centralized management of users and centralized management of network resources across both the wide area network system and the corporate network system is desired.

As a method for centrally managing users who use a wide area network system, for example, Japanese Patent Laid-Open No. 6-223
As described in Japanese Patent No. 041, there is a method of issuing information as a certificate in which the user's personal information and usage environment information are encrypted with a private key, and the user uses this certificate to log in to the system. . As a security management method considering a distributed system, for example, Japanese Patent Laid-Open No. 8-106
As described in Japanese Patent No. 437, there is a method of using a logon certificate that proves the qualification when a user accesses a domain other than the home domain. Further, Japanese Patent Laid-Open No. 7-141296 discloses a TTP (Tr that manages security across network domains.
Disclosed is a system in which a used third party is provided, and a security policy of the entire network is set and changed, and access control is performed based on the security policy.

[0004]

As described above, the method of performing user authentication and access control using a certificate is expected to become widespread as one of security management methods for wide area network systems in the future. However, considering the actual network system, it is difficult for the current corporate network system to immediately shift to a method of using a certificate issued by an external certificate issuing organization or shift to security management by TTP. it is conceivable that. That is, it is considered realistic to introduce a single sign-on method using a certificate while leaving the user authentication method using the current user ID and password.

An object of the present invention is to provide a security management method for facilitating the transition from the current user authentication method using a user ID and password to single sign-on by using a certificate.

[0006]

The present invention is a security management method for a network system in which a client, a server, and an integrated authentication server can communicate with each other via a network, and the certificate information is transmitted from the client to the server . Request the business, send the certificate information from the server to the integrated authentication server, and request the certificate confirmation.
Perform and check access rights to the confirmation and the user of the server <br/> of the certificate by the integrated authentication server, service if it is legitimate
The security management method is characterized in that the user ID and password are transmitted to the server , and the server authenticates the user ID and password.

[0007] Instead of confirming the certificate by the integrated authentication server, the server confirms the certificate.
Makes a request of a user ID and password and sends the information of the certificate to the integrated authentication server from the server, checks the access rights to the user of the server by the integrated authentication server, the user ID and password if it is legitimate to the server You may make it transmit and authenticate with a user ID and a password by a server .

[0008] Further, the present invention performs a work request by sending a user ID and password from the client to the server, support
And transmits the user ID and password to the integrated authentication server from over server, checks the access rights to the user of the server by the integrated authentication server, via the Create a temporary certificate if the legitimate server It features a security management method to send to the client.

[0009] Further, the present invention is, check the results of the certificate to be executed in the integrated authentication server and the server during the period from log in to the system by the client to log off, check the results of the access rights to the server, user ID and password authentication result of And the security check result including the check result of the access authority to the data held by the server is recorded as access history information, and the integrated authentication server performs the security check including the confirmation result of the certificate and the check of the access authority to the server . The security management method is characterized in that the result of is recorded as access history information, and the access status of the user is checked by matching the access history information recorded by the client with the access history information recorded by the integrated authentication server.

Further, the computer program materialized on the storage medium readable by the integrated authentication server can be executed to perform the processing on the integrated authentication server side of the above method.

[0011]

BEST MODE FOR CARRYING OUT THE INVENTION An embodiment of the present invention will be described below with reference to the drawings.

FIG. 1 is a block diagram of the network system of this embodiment. A company network system 1 and another company network system 9 are connected to a wide area network 10 such as the Internet. In addition to the client 8, the corporate network system 1 includes an integrated authentication server 2, a server 3 for managing security information, a database (DB) server 5, a business server 6, a groupware server 4, a key management server 17, and a certificate issuance. Server 1
Servers such as 8 are connected. The DB server 5 and the business server 6 are servers that are accessed by the client 8 and used for business processing. The groupware server 4 is a server that sends the first job menu screen to the client 8, sends an email to the client 8, and manages the user's schedule. Server 3 is D
This is a server that centrally manages security information including information that controls access to the B server 5 and the business server 6 and user access control information that includes authentication information such as a user ID and a password. The integrated authentication server 2
The certificate sent from the client 8 is confirmed, and the server 3
Obtain security information from the user's DB server 5
And a server for checking the access authority to the business server 6. The key management server 17 is a server that generates a master key used in encrypted communication in the corporate network system 1. An external certificate issuing server 7 is connected to the wide area network 10. The external certificate issuing server 7
It is a server that issues an external certificate according to a predetermined procedure. The certificate issuing server 18 is a server that issues a certificate to a user who does not have an external certificate in response to a request from the integrated authentication server 2. A so-called directory server may have the information of the server 3. The client 8 and various servers are information processing devices including personal computers, workstations and the like.
Further, a computer program realized on a storage medium readable by the client 8 and various servers can be executed to perform the processes of the client 8 and various servers described in detail below.

When the user's certificate information is input from the client 8 or the client 20 connected to the network system 9 of another company and logs in to the DB server 5, for example, the DB server 5 or the integrated authentication server 2 confirms the certificate. Then, the integrated authentication server 2 acquires the security information from the server 3 and checks the access authority to the DB server 5. If there is access authority, authentication information such as a user ID and password is sent to the DB server 5, and the DB server 5 performs user authentication processing. When the business process using the DB server 5 is completed and the next time the user logs in to the business server 6, the client 8 sends the already-entered certificate to the business server 6, and the single sign-on is performed by performing the above procedure. To be realized. For a user who does not have a certificate, a certificate is issued by logging in by inputting a user ID and a password. After that, the client 8 sends this certificate to the business server every time it moves to another business server, and a single You can sign on.

FIG. 2 is a diagram for explaining a system in which the server 3 for managing security information centrally manages security information. Security information regarding users and resources (documents, databases, terminal devices, application programs, etc.) managed by each server before introducing the server 3 is LDA by the LDAP information conversion program.
It is converted to P format, sent to the server 3, and centrally managed by the server 3. LDAP (Lightweight Da)
ta Access Protocol) is IETF
A standard directory access protocol.

FIG. 3 shows an example of LDAP format information.
It is a figure which shows the definition of a document and the format of access control information of a business server. The document definition is composed of document identification information and document access control information. The document identification information includes a document identifier, an identifier of a server that manages this document, an organization name, and document information (document title, document update date,
Document manager, keywords for document search, subject, abstract, author name). On the other hand, the access control information of the document includes access control information, final modification information, security policy and the like. The access control information is information that controls access to a part of the document like the access control information of a specific page in the document. The final correction information is the update date of the access control information. The security policy sets the access level of the user who is permitted to access the document. For example, it is possible to perform an operation in which the users having policy numbers 1 to 3 are allowed to access the relevant document. The document definition is information managed by the business server 6.

The ACL (Access Co) of the business server
control list: access control information when accessing the business server 6, the identifier of the management source server of the access control information, the update date of the domain security definition, the default security policy and the authorization security policy as the security policy. , And via DSA (Domain
Security Authority) is defined. The authorization security policy can be used, for example, to allow users with policy numbers 1 to 5 to access the business server 6. According to the passing DSA, the user authentication is defined to always be performed via the integrated authentication server 2. The access control information of the business server is information held by the server 3 and managed by the integrated authentication server 2.

In addition to the above access control information, it is necessary to set access control information for a user who accesses the business server 6 to access a specific document. As the access control information of the user, information on the user's certificate, authentication information such as user ID and password, department and job information to which the user belongs, access level (policy number) of the user, and the like are set. Depending on the access level setting, for example, the user with the policy number 4 is the business server 6
Can be accessed, but the operation of not allowing access to the document XXXX is possible. In addition, it is possible to operate such that users having a certain work system or higher are allowed to access a specific document.

FIG. 4 is a diagram showing a procedure in which the integrated authentication server 2 acquires the security information of the user from the server 3. The LDAP protocol is used for the procedure for acquiring the security information. The integrated authentication server 2 is first ld
When an LDAP connection is established with the server 3 by ap_open, mutual authentication between the integrated authentication server 2 and the server 3 is performed by ldap_simple_bind_s, and a user certificate number, a user ID, etc. are sent from the integrated authentication server 2 by ldap_search_s. , Server 3 transmits the user's security information to integrated authentication server 2.

FIG. 5 is a diagram showing a procedure of processing from a user of the client 8 logging in to the corporate network system 1 to logging off. Here, the procedure when the user logs in using a certificate (including an external certificate) will be described. The client 8 displays the work menu on the display device of the client 8. When the user selects the business server 6 and inputs the certificate information from a storage medium such as an IC card, the client 8 encrypts the certificate information with the user's private key and stores it in the storage device, and then the business request. And the contents of the certificate encrypted with the user's private key are transmitted to the business server 6. The business server 6 sends the certificate information to the integrated authentication server 2 and requests confirmation of its contents. The integrated authentication server 2 decrypts the encrypted certificate with the user's public key, and then confirms the certificate. The data structure of the certificate is X. 509, the contents of which include information such as the name of the owner, the issuer, the signature of the issuer, and the expiration date. Since the signature of the issuer is encrypted with the private key of the issuer, this signature is first decrypted with the public key of the issuer and compared with the original to confirm that the certificate is valid. Next, confirm the contents such as the expiration date.
If the certificate is improper (NG), the business server 6
A message of login disapproval is transmitted to the client 8 via. If the certificate is appropriate (OK),
The server 3 is inquired to obtain the security information of the user. The procedure is as described above. The security information of the user is composed of the access control information of the business server 6 and the access control information of the user. The integrated authentication server 2 compares the access level of the user with the access level of the business server 6, and the business server 6
If the access can be permitted, the access history information indicating that the user is permitted to access is recorded in the storage device,
The user's access control information such as the encrypted user ID, password, access level, and job management information is transmitted to the business server 6. When the business server 6 holds the user's access control information such as the access level and job management information corresponding to the user ID, it is not necessary to transmit the access control information other than the user ID and the password. The business server 6 decrypts the received access control information, and first performs authentication processing as to whether or not the user ID and password match the registered one. If they do not match, access to the business server 6 is not permitted. If they match, a permission message is sent to the client 8. After that, every time the client 8 makes a document access request, whether or not to permit the document access is determined based on the document access control information, the user access level, and the job management information. The client 8 makes an access request to a document held by the business server 6 to perform business processing. The client 8 records the access history information about the document to be accessed in the storage device during the business process.

After the business processing related to the business server 6 is completed in this manner, the business menu is again displayed on the client 8
Is displayed on the display device. If the user next selects the DB server 5, the client 8 retrieves the stored certificate of the user and sends it to the DB server 5 together with the business request. Therefore, the user does not need to input the certificate information again. The DB server 5 sends the certificate information to the integrated authentication server 2 and requests confirmation of its contents. Thereafter, similarly to the above, the integrated authentication server 2 decrypts the encrypted certificate with the user's public key and then confirms the certificate.
The verification result of the certificate and the access history information for permitting / denying the user access to the DB server 5 are recorded, and the access control information is transmitted to the DB server 5. DB
The server 5 performs a user authentication process with the user ID and password. When the access of the user is permitted, it is determined whether or not the access of the specified database, table, column of the table, etc. is permitted based on the access control information received thereafter. The client 8 uses the DB server 5 to perform business processing, and records the access history information about the database to be accessed during the business processing. When the business process is completed in this way and the user inputs a logoff, the client 8 sends the recorded access history information to the integrated authentication server 2 and erases the certificate information stored in the storage device. The integrated authentication server 2
The received access history information and the access history information recorded by the integrated authentication server 2 are compared to check whether the access is valid or not.

In the processing procedure shown in FIG. 5, the same processing procedure is applied when logging in to the groupware server 4 instead of logging in to the business server 6 for the first time.

FIG. 6 is a diagram showing a processing procedure when the business server 6 and the DB server 5 have a function of confirming the contents of the certificate. 6 is different from the procedure of FIG. 5 in that
The point is to confirm the certificate after the business server 6 and the DB server 5 instead of the integrated authentication server 2 decrypt the certificate encrypted with the user's private key with the user's public key. In order for each business server to confirm the content of the certificate, it is necessary to have a function of acquiring the public key of the certificate issuer and confirming the signature of the certificate issuer.

FIG. 7 is a diagram showing a procedure of processing from a user without a certificate logging in to the corporate network system 1 to logging off. When the user selects the business server 6 from the business menu and inputs the user ID and password, the client 8 transmits the business request, the user ID, and the password to the business server 6. The business server 6 performs the authentication process as to whether the received user ID and password match the registered one. If they do not match, access to the business server 6 is denied. When they match, the business server 6 sends the received user ID and password to the integrated authentication server 2. Integrated authentication server 2
Sends a user ID and password to the server 3 to make an inquiry, and acquires the security information of the user. Next, the integrated authentication server 2 checks whether or not the user has the authority to access the business server 6 by the above checking process based on the security information received from the server 3. If the user does not have the authority (NG), a message of login disapproval is transmitted to the client 8. If the user has the authority (OK), the certificate is issued. Since this certificate is issued for the purpose of temporarily permitting access to the business server 6, its validity period is shorter than that of a normal certificate (for example, only on the current day), and the access authority to the business server 6 is also limited. To be done. Next, the integrated authentication server 2 transmits the user's access control information such as the certificate, access level, and job management information to the business server 6. When the business server 6 holds the access control information, it is unnecessary to send the access control information. The business server 6 transmits the received certificate to the client 8. Client 8
After the received certificate is stored in the storage device, an access request is made to a document held by the business server 6 to perform business processing. Each time the client 8 makes a document access request, the business server 6 determines whether or not to permit document access based on the document access control information, the user access level, and job management information. The client 8 records the access history information about the document to be accessed during the business process. Further, the client 8 periodically checks the expiration date of the certificate, and warns the user when the expiration date has passed.

When the user selects the DB server 5 after finishing the business processing related to the business server 6 in this way, the client 8 takes out the stored certificate and sends it to the DB server 5 together with the business request. . The DB server 5 sends the certificate information to the integrated authentication server 2 and requests confirmation of its contents. The integrated authentication server 2 confirms the certificate as described above, and sends the access control information including the user ID and the password to the DB server 5. The DB server 5 performs the authentication process using the user ID and the password, and permits the access to the DB server 5 if it is valid. After that, the client 8 sends a database access request to the DB server 5 as described above, and the DB server 5 determines whether to permit the database access based on the user's access control information. The client 8 uses the DB server 5 to perform business processing, and during the business processing, records access history information about the database to be accessed. In this way, when the business process is completed and the user inputs a logoff, the client 8 sends the recorded access history information to the integrated authentication server 2 and erases the stored certificate information. The integrated authentication server 2 compares the received access history information with the access history information recorded by the integrated authentication server 2 to check whether the access is valid or not. If the user issues a certificate issuance request as part of the logoff procedure, the client 8 sends this request to the integrated authentication server 2. Integrated authentication server 2
Checks whether there is a problem with the security information and access status of the user. That is, if the integrated authentication server 2 does not record the login permission in the access history information after the user's authorization is confirmed, naturally there is a problem. Further, there is a problem even if the access history information on the client 8 side has a record of accessing the DB server 5 although there is no record of the access permission of the DB server 5 thereafter. Further, when the client 8 accesses the documents and databases of the business server 6 and the DB server 5 and the disapproval case is recorded in the access history information on the client 8 side, a problem occurs. When there is a problem (YE
S), the integrated authentication server 2 sends a message to the client 8 indicating that the issuance of the certificate is not permitted. If there is no problem (NO), the integrated authentication server 2 sends a certificate issuance request to the certificate issuing server 18, and the certificate issuing server 18 issues the certificate and sends it to the integrated authentication server 2 for integration. The authentication server 2 sends this certificate to the client 8. The client 8 outputs the received certificate to an external recording medium such as an IC card or a floppy disk. After this, the user can perform the login procedure using the certificate shown in FIG. As described above, according to this embodiment, even when a user who does not have a certificate logs in, single sign-on can be realized by logging in once. The integrated authentication server 2, the business server 6 and the DB server 5 are shown in FIG.
It is desirable to concurrently support both the processing procedure shown in FIG. 7 and the processing procedure shown in FIG.

FIG. 8 is a diagram showing a procedure of processing in which the integrated authentication server 2 monitors the access status of the user and detects a security breach. When the client 8 and the integrated authentication server 2 cooperate with each other, it is possible to check the access status of the user and detect a security breach in the system. In the example of FIG. 8, when the client 8 accesses the business server 6 to perform business processing, and when an access request is made for a certain document, the business server 6 performs an access check from the access control information of the user and the access control information of the document. If the access request is unreasonable as a result, an access-denied message is returned to the client 8. The client 8 records this access denial in the access history information. When the client 8 instructs the logoff, the access history information about the user recorded by the client 8 is transmitted to the integrated authentication server 2. The integrated authentication server 2 determines whether or not the access status of the user is valid based on the access history information collected by the integrated authentication server 2, the access history information collected by the client 8 and the matching of both. If it is determined that the user is making an unauthorized access or an inappropriate access, the integrated authentication server 2 deletes the access control information of the user.

There are the following cases, for example, as inappropriate access or inappropriate access by the user. (A) There is no record of login permission in the integrated authentication server 2.
That is, the confirmation result of the certificate is not permitted. (B) As a result of the user authorization confirmation check performed by the integrated authentication server 2, the client 8 is accessing the business server although the business server is not permitted to be accessed. (C) The result of the authentication process performed by the business server or the DB server is not permitted. (D) The client 8 detects that the certificate has expired. (E) The client 8 is trying to access an unauthorized document or database. (F) The time when the client 8 inputs the certificate, the time when the login command is issued, the time when the integrated authentication server 2 confirms the certificate, the business server 6 authenticates the user, and permits access to the business server 6. The security-related processing time recorded in the access history information, such as the time, is not in the correct chronological sequence.

According to this embodiment, the integrated authentication server 2 and the server 3 centrally manage the security information consisting of the access control information of the user and the access control information of the business server, so that the registration and update of the security information can be centralized. Each business server does not need to individually manage security information as in the conventional case.

FIG. 9 is a diagram showing a procedure of registration, inquiry and update of security information. FIG. 9A is a diagram showing a processing procedure of a security information registration phase. When each server requests the server 3 to register the security information, the server 3 registers the requested security information in the storage device. At this time, as described above, the existing security information is LDed using the LDAP information conversion program.
It can be converted to AP format. FIG. 9B is a diagram showing a procedure for inquiring security information. Each server inquires the integrated authentication server 2 about security information. If the integrated authentication server 2 has already fetched the security information about the specified user (YES),
Answer the security information. If it is not captured (NO), the server 3 is inquired to obtain the security information, and then the response is made to the requesting server. For example, this corresponds to the case where the business server 6 and the DB server 5 shown in FIG. 6 send the certificate information to the integrated authentication server 2 and inquire the security information. This is also the case when the business server 6 shown in FIG. 7 sends the user ID and password to the integrated authentication server 2 to request confirmation of the user's authority, issue a certificate, and receive the user's access control information. To do.
FIG. 9C is a diagram showing an example of updating security information. When the integrated authentication server 2 detects a security breach by the user, it notifies each server of the deletion of the user. It also requests the server 3 to delete the access control information for the user.

The present invention can be realized even if the integrated authentication server 2 and the server 3 are not separated but are the same server. Further, the integrated authentication server 2, the server 3, the key management server 17, and the certificate issuing server 18 can be realized by the same server.

Finally, encrypted communication among the client 8, the servers 5 and 6 and the integrated authentication server 2 will be described. When the conventional user information, especially the password information, is eavesdropped on the communication line, there is a security threat of impersonating others based on the stolen information. In the present invention, since the user is confirmed by using the information of the certificate that is originally disclosed and good, if a user's private key information is stolen in addition to the information of the certificate, a malicious third party can impersonate another person. It can happen. Therefore, client 8, server 5, 6
The communication with the integrated authentication server 2 needs to be performed by encrypted communication after mutually authenticating the communication partner. In particular, since security information regarding the user is transmitted and received between each server and the integrated authentication server 2, it is necessary to protect the information so that only the parties can see it. As a communication means for protecting security information, for example, SSL (Secure Socket Layer)
It has been known.

In order to perform encrypted communication, there is a problem of key management such as generation, delivery and recovery of an encryption key. The management method and the realization method differ depending on what kind of encryption means is used. An encryption technique based on a group key encryption method called Multi2 will be described below.

FIG. 10 is a diagram for explaining the procedure of data encryption processing using a group key. Key management server 17
Creates and distributes master keys for clients and servers. Then, an encryption key is generated to encrypt the message from this master key, but the party (who can specify more than one) who wants to read this message is registered in the destination list, and the master key and the destination list are used to dynamically Create a group key on
Encrypt the message with this group key. Figure 1
In the example of 0, the client 8 specifies the client 8, the business server 6, and the integrated authentication server 2 in the destination list A when transmitting the message A to the business server 6. Then, the group key A is not transmitted to the business server 6,
Only the encrypted version of message A and destination list A are sent. The business server 6 dynamically creates the group key A from the destination list A and the master key received together with the message A in order to decrypt the message A received from the client 8. The business server 6 decrypts the message A with the group key A thus created. Also when the message A is transmitted from the business server 6 to the integrated authentication server 2, the group key A is created from the master key and the destination list A, and the message A to be transmitted is encrypted with the group key A. The group key A can be dynamically created only by the party who is registered in the destination list A and has the master key, and thus the message A can be read only by the party who wants to be shown in this way.

Next, when the integrated authentication server 2 wants to send the message B to the business server 6, only the business server 6 is set in the destination list B, and the master key and the group key B created from the destination list B are used. Message B is encrypted and sent. Even if the client 8 tries to decrypt the encrypted message B, the client 8 cannot decrypt it because it is not registered in the destination list B. In the example of FIG. 10, the encrypted communication using the group key between the client 8 and each server has been described, but it is also possible for each user to have a master key. In this case,
It is also possible to store the master key in the IC card and generate the group key in the IC card. As mentioned above
In addition, according to the embodiment of the present invention,
The access server uses a conventional user ID and password based user.
User authentication while saving user authentication and access control
Can provide the function of single sign-on by using the certificate
It Also, for users who do not have a certificate,
Can realize single sign-on by issuing a certificate
it can. In addition, the client and integrated authentication server work together
By monitoring the access status of users,
Exclude users with problematic status from the system
You can

[0034]

As described above , it is integrated with the client.
Incorrect due to the authentication process linked by the authentication server
You can check access.

[Brief description of drawings]

FIG. 1 is a configuration diagram of a network system according to an embodiment.

FIG. 2 is a diagram illustrating a method in which the server 3 of the embodiment centrally manages security information.

FIG. 3 is a diagram showing an example of LDAP format information.

FIG. 4 is a diagram showing a procedure in which the integrated authentication server 2 according to the embodiment obtains user security information from the server 3.

FIG. 5 is a diagram showing a processing procedure of single sign-on using the certificate of the embodiment.

6 is a diagram showing a processing procedure in which a DB server 5 / business server 6 confirms a certificate instead of the integrated authentication server 2 in the processing procedure of FIG.

FIG. 7 is a diagram showing a processing procedure of single sign-on by a user who does not have a certificate according to the embodiment.

FIG. 8 is a diagram showing a processing procedure in which the integrated authentication server 2 of the embodiment monitors a user's access status and detects a security breach.

FIG. 9 is a diagram illustrating a process of managing security information according to the embodiment.

FIG. 10 is a diagram illustrating a procedure of data encryption processing using a group key.

[Explanation of symbols]

2: Integrated authentication server, 3: (Manages security information) server, 18: Certificate issuing server

─────────────────────────────────────────────────── ─── Continuation of the front page (56) References JP-A-9-34822 (JP, A) Suzuki, “Outline of IC card authentication system“ Smart Pass ””, mobile media magazine, Japan, Ltd. C-Media, October 29, 1996, Volume 18, p. 49, Yamada, "User authentication technology for remote connection", Nikkei Communication, Nikkei, Nikkei BP, August 5, 1996, No. 227 , P.124-131 (58) Fields investigated (Int. Cl. ⁷ , DB name) G06F 15/00 H04L 9/32

Claims (5)

(57) [Claims] 1. A client and a server via a network
A bus and the integrated authentication server security management method which can communicate network system to each other, into a business request from the client transmits the information of the certificate to the server, transmits the information certificate to the integrated authentication server from the server to confirm the request of the certificate, the make and check access rights to the confirmation and the user the server of the certificate by the integrated authentication server, user I if it is legitimate to the server
D and password are sent, and the user ID is sent by the server .
A security management method characterized by performing authentication with a password. 2. The method of claim 1] instead of performing the confirmation of the certificate by the integrated authentication server, confirms the certificate by the server, Sir
Makes a request of a user ID and password and sends the information of the certificate to the integrated authentication server from the server, checks the access rights to the user the server of the integrated authentication server, user ID and password if it is legitimate to the server 2. The security management method according to claim 1, wherein the server is authenticated, and the server authenticates the user ID and password. Wherein said integrated authentication server and the service between the login to the system by the client to log off
Check the results of the certificate that over server to run, check the results of access to the server, access the results of the security check, including a check result of the access to the data held by the authentication result and the server of the user ID and password The history information is recorded as the history information, the result of the security check including the confirmation result of the certificate by the integrated authentication server and the check of the access authority to the server is recorded as the access history information, and the access history information recorded by the client and the 2. The security management method according to claim 1, wherein the access status of the user is checked by matching the access history information recorded by the integrated authentication server. 4. A client and server via a network
A computer program bus and integrated authentication server is instantiated on a storage medium readable by the integrated authentication server in a communicable network system to each other, said program comprising the following steps: (a) to the client Receiving the certificate information sent via the server , (b) confirming that the certificate is valid, and (c) whether the user of the certificate has the authority to access the server. If the check results of (d), (b) and (c) are appropriate, the user ID and password of the user are transmitted to the server so that the server authenticates the user. 5. A client and server via a network
A computer program bus and integrated authentication server is instantiated on a storage medium readable by the integrated authentication server in a communicable network system to each other, said program comprising the following steps: (a) to the client The user ID and password transmitted via the first server are received, (b) it is checked whether the user with the user ID has the authority to access the first server , and (c) (b ) If the check result is valid, a temporary certificate of the user is created, (d) the certificate is transmitted to the client via the first server , and (e) the client transmits the second server. receives該証clear proofs information transmitted via, (f)該証clear proof is confirmed to be valid, the user's (g)該証clear sign access to the second server Check whether there is authority to, the (h) (f) and (g) the user ID and password if the check result of the validity by the second server of the user to authenticate the said user Send to the second server .